Best firewall gateway version of Linux ?
Alex Satrapa
grail at goldweb.com.au
Wed Jan 16 07:38:23 EST 2002
On Tuesday, January 15, 2002, at 11:03 , Rasjid Wilcox wrote:
> No-one really answered the 'some idea of the most common version' part
> of
> your question. However, I know that despite moves afoot from
> Smoothwall to
> IPCop, a number of list members use Smoothwall.
I think the implicit answer to that question was "neither Smoothwall nor
IPCop". Most people use the "roll your own" version!
I have used SmoothWall GPL in the past, and what I found is that
pre-packaged firewalls are great if you only want to do what the
firewall was designed to let you do - ie: browse the web and read mail
through web-mail sites, or using IMAP clients that connect to external
servers.
SmoothWall GPL at the time did not let you do things like:
- SSH into your network from outside
- Set up a tunnel between your network and someone else's (or vice
versa)
Then of course are the maintenance issues - the version of SmoothWall
that I first used didn't use logrotate. So the logs just grew and grew
and grew until the hard drive filled up and my SmoothWall box silently
failed to do anything.
To present you the "PPP log", SmoothWall would parse the entire syslog
looking for "pppd" entries. The sensible thing to do would have been to
generate the ppp log as events happen. In Debian for example, you get
the convenient /var/log/ppp.log. No need to parse anything, and you
even get logrotate thrown in to the deal ;)
The only feature I liked about SmoothWall GPL was that it made it
possible for my non-tech housemates to dial up to the internet by
clicking a button on a web page. Easy. So I ripped out the scripts
responsible and stuck them on a Debian box.
Alex
More information about the linux
mailing list